3eb3e7b11a5a82947ef2f5feed49c546

Sharing

Copy URL Twitter E-mail

General

Target

3eb3e7b11a5a82947ef2f5feed49c546
Size

4.4MB
MD5

3eb3e7b11a5a82947ef2f5feed49c546
SHA1

da2a59c048fdfe9ff6e7d34afc190a322955622b
SHA256

05e938ce97fd6285713bcfa8d7bd9c9c0a1c908d33bd58dd28648bbbb88a2963
SHA512

151b8b7434cb202645b23406c853374aa47b85a30752e66047c2707a8cedc674569bad16b33ce7aadb4a2f8990fcb40e02996c25049d7e562e23711b9956f255
SSDEEP

98304:UZMpW+h7ybmbQgdNzwPy8vcqcNy5XBjqbPTzZFfbZr9RYX3Fl7+:Uuw+lycRoakVAU1qbvZFTiHvq

Score

7^/10

aspackv2 upx

Malware Config

Signatures

ASPack v2.12-2.42 1 IoCs

Detects executables packed with ASPack v2.12-2.42

aspackv2

resource	yara_rule
static1/unpack001/STANDA~1.EXE	aspack_v212_v242

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
static1/unpack001/asd.exe	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/STANDA~1.EXE
unpack001/asd.exe

Files

3eb3e7b11a5a82947ef2f5feed49c546
.cab
STANDA~1.EXE
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Exports

Exports

@$xp$14Sicomp@TsiLang
@$xp$15Sicomp@TsiLabel
@$xp$15Sicomp@pStrings
@$xp$16Sicomp@siComp__9
@$xp$17Sicomp@TTextStyle
@$xp$17Sicomp@siComp__61
@$xp$17Sicomp@siComp__71
@$xp$18Memini@TMemIniFile
@$xp$18Sicomp@TMyHKeyType
@$xp$19Memini@TMemIniEntry
@$xp$19Memini@TMemIniValue
@$xp$19Sicomp@TStringsType
@$xp$20Sicomp@TTestModeInfo
@$xp$20Sicomp@TTestModeKind
@$xp$20Sicomp@TsiCustomLang
@$xp$20Sicomp@TsiLangOption
@$xp$21Memini@TCustomIniFile
@$xp$21Sicomp@ELanguageError
@$xp$21Sicomp@TTranslateType
@$xp$21Sicomp@TsiFormStorage
@$xp$21Sicomp@TsiLangOptions
@$xp$22Sicomp@TSIBFileManager
@$xp$22Sicomp@TsiExtendedItem
@$xp$22Sicomp@TsiPropInfoList
@$xp$23Sicomp@TsiExtendedItems
@$xp$24Sicomp@TsiLangDispatcher
@$xp$24Sicomp@TsiSortCollection
@$xp$25Sicomp@TsiItemSortCompare
@$xp$27Sicomp@TsiExtendedItemClass
@$xp$27Sicomp@TsiStringsCollection
@$xp$29Sicomp@TLinkToDispatcherEvent
@$xp$31Sicomp@TsiStringsCollectionItem
@$xp$32Sicomp@TsiStringsCollectionClass
@@Dfservioctrl@Finalize
@@Dfservioctrl@Initialize
@@Dinstall2000@Finalize
@@Dinstall2000@Initialize
@@Dinstallfiles@Finalize
@@Dinstallfiles@Initialize
@@Dinstallgeneral@Finalize
@@Dinstallgeneral@Initialize
@@Execryptor@Finalize
@@Execryptor@Initialize
@@Izdstrevised@Finalize
@@Izdstrevised@Initialize
@@Oneinstance@Finalize
@@Oneinstance@Initialize
@@Rycursor@Finalize
@@Rycursor@Initialize
@@Ryloadresource@Finalize
@@Ryloadresource@Initialize
@@Tforminfo@Finalize
@@Tforminfo@Initialize
@@Tformmain@Finalize
@@Tformmain@Initialize
@@Thwinst2kxp@Finalize
@@Thwinst2kxp@Initialize
@@Tsilangdisp@Finalize
@@Tsilangdisp@Initialize
@@Uninstthawv4@Finalize
@@Uninstthawv4@Initialize
@@Uninstv4@Finalize
@@Uninstv4@Initialize
@Memini@ExtractTranslation$qqrx17System@AnsiStringxucxi
@Memini@Finalization$qqrv
@Memini@SearchBM$qqr17System@AnsiStringt1
@Memini@TCustomIniFile@
@Memini@TCustomIniFile@$bctr$qqrx17System@AnsiString
@Memini@TCustomIniFile@DeleteKey$qqrx17System@AnsiStringt1
@Memini@TCustomIniFile@EraseSection$qqrx17System@AnsiString
@Memini@TCustomIniFile@ReadBool$qqrx17System@AnsiStringt1o
@Memini@TCustomIniFile@ReadDate$qqrx17System@AnsiStringt116System@TDateTime
@Memini@TCustomIniFile@ReadDateTime$qqrx17System@AnsiStringt116System@TDateTime
@Memini@TCustomIniFile@ReadFloat$qqrx17System@AnsiStringt1d
@Memini@TCustomIniFile@ReadInteger$qqrx17System@AnsiStringt1i
@Memini@TCustomIniFile@ReadSection$qqrx17System@AnsiStringp16Classes@TStrings
@Memini@TCustomIniFile@ReadSectionValues$qqrx17System@AnsiStringp16Classes@TStrings
@Memini@TCustomIniFile@ReadSections$qqrp16Classes@TStrings
@Memini@TCustomIniFile@ReadString$qqrx17System@AnsiStringt1t1
@Memini@TCustomIniFile@ReadTime$qqrx17System@AnsiStringt116System@TDateTime
@Memini@TCustomIniFile@SectionExists$qqrx17System@AnsiString
@Memini@TCustomIniFile@UpdateFile$qqrv
@Memini@TCustomIniFile@ValueExists$qqrx17System@AnsiStringt1
@Memini@TCustomIniFile@WriteBool$qqrx17System@AnsiStringt1o
@Memini@TCustomIniFile@WriteDate$qqrx17System@AnsiStringt116System@TDateTime
@Memini@TCustomIniFile@WriteDateTime$qqrx17System@AnsiStringt116System@TDateTime
@Memini@TCustomIniFile@WriteFloat$qqrx17System@AnsiStringt1d
@Memini@TCustomIniFile@WriteInteger$qqrx17System@AnsiStringt1i
@Memini@TCustomIniFile@WriteString$qqrx17System@AnsiStringt1t1
@Memini@TCustomIniFile@WriteTime$qqrx17System@AnsiStringt116System@TDateTime
@Memini@TMemIniEntry@
@Memini@TMemIniEntry@$bctr$qqrv
@Memini@TMemIniEntry@$bdtr$qqrv
@Memini@TMemIniEntry@Add$qqrx17System@AnsiString
@Memini@TMemIniEntry@Add$qqrx17System@AnsiStringt1
@Memini@TMemIniEntry@Assign$qqrp19Classes@TPersistent
@Memini@TMemIniEntry@Clear$qqrv
@Memini@TMemIniEntry@Delete$qqri
@Memini@TMemIniEntry@Find$qqrx17System@AnsiStringri
@Memini@TMemIniEntry@GetStringCount$qqrv
@Memini@TMemIniEntry@GetValue$qqri
@Memini@TMemIniEntry@SetValue$qqri17System@AnsiString
@Memini@TMemIniEntry@divideKeyValue$qqrx17System@AnsiStringr17System@AnsiStringt2
@Memini@TMemIniEntry@getEntry$qqri
@Memini@TMemIniEntry@getKey$qqri
@Memini@TMemIniFile@
@Memini@TMemIniFile@$bctr$qqrx17System@AnsiString
@Memini@TMemIniFile@$bdtr$qqrv
@Memini@TMemIniFile@AddSection$qqrx17System@AnsiString
@Memini@TMemIniFile@Clear$qqrv
@Memini@TMemIniFile@DeleteKey$qqrx17System@AnsiStringt1
@Memini@TMemIniFile@EraseSection$qqrx17System@AnsiString
@Memini@TMemIniFile@GetStrings$qqrp16Classes@TStrings
@Memini@TMemIniFile@LoadValues$qqrv
@Memini@TMemIniFile@ReadSection$qqrx17System@AnsiStringp16Classes@TStrings
@Memini@TMemIniFile@ReadSectionValues$qqrx17System@AnsiStringp16Classes@TStrings
@Memini@TMemIniFile@ReadSections$qqrp16Classes@TStrings
@Memini@TMemIniFile@ReadString$qqrx17System@AnsiStringt1t1
@Memini@TMemIniFile@Rename$qqrx17System@AnsiStringo
@Memini@TMemIniFile@SetStrings$qqrp16Classes@TStrings
@Memini@TMemIniFile@UpdateFile$qqrv
@Memini@TMemIniFile@WriteString$qqrx17System@AnsiStringt1t1
@Memini@TMemIniValue@
@Memini@initialization$qqrv
@Sicomp@AnsiStringToWideStringCP$qqrx17System@AnsiStringxuc
@Sicomp@CHARSETSTR
@Sicomp@CHARSETVALS
@Sicomp@DisplayHelpTopic$qqruii
@Sicomp@ELanguageError@
@Sicomp@ExtractWord$qqrix17System@AnsiStringrx29System@%Set$tc$iuc$0$iuc$255%
@Sicomp@Finalization$qqrv
@Sicomp@GetEnumMembers$qqrpx17Typinfo@TPropInfopx16Classes@TStrings
@Sicomp@GetIniNames$qqrp16Classes@TStrings
@Sicomp@GetSetMembers$qqrpx17Typinfo@TPropInfopx16Classes@TStrings
@Sicomp@Gregorian2Hijri$qqrx16System@TDateTimerit2t2
@Sicomp@HighestInternalResourceID
@Sicomp@Hijri2Gregorian$qqrxixixi
@Sicomp@HookedProps
@Sicomp@IniNames
@Sicomp@IsValidIniSection$qqrx17System@AnsiString
@Sicomp@MsgDlgButtonClass
@Sicomp@MsgDlgEditClass
@Sicomp@MsgDlgFormClass
@Sicomp@MsgDlgLabelClass
@Sicomp@ReplaceStr$qqrx17System@AnsiStringt1t1xo
@Sicomp@SiGetAveCharSize$qqrp16Graphics@TCanvas
@Sicomp@TSIBFileManager@
@Sicomp@TSIBFileManager@$bctr$qqrv
@Sicomp@TSIBFileManager@$bctr$qqrx17System@AnsiString
@Sicomp@TSIBFileManager@$bdtr$qqrv
@Sicomp@TSIBFileManager@Add$qqrpx20Sicomp@TsiCustomLang
@Sicomp@TSIBFileManager@AssignTo$qqrp19Classes@TPersistent
@Sicomp@TSIBFileManager@Clear$qqrv
@Sicomp@TSIBFileManager@ClearList$qqrv
@Sicomp@TSIBFileManager@GetCompCount$qqrv
@Sicomp@TSIBFileManager@GetComponentSize$qqrxi
@Sicomp@TSIBFileManager@GetOwnerNames$qqri
@Sicomp@TSIBFileManager@GetsiComponents$qqri
@Sicomp@TSIBFileManager@LoadAllFromFile$qqrx17System@AnsiString
@Sicomp@TSIBFileManager@LoadFromFile$qqrpx20Sicomp@TsiCustomLangx17System@AnsiStringt2
@Sicomp@TSIBFileManager@LoadFromStream$qqrpx20Sicomp@TsiCustomLangx17System@AnsiStringp15Classes@TStream
@Sicomp@TSIBFileManager@LoadPropFromFile$qqr19Sicomp@TStringsTypex17System@AnsiStringpx20Sicomp@TsiCustomLangt2
@Sicomp@TSIBFileManager@Move$qqrxixi
@Sicomp@TSIBFileManager@ReadFileContent$qqrx17System@AnsiString
@Sicomp@TSIBFileManager@ReadStreamContent$qqrp15Classes@TStream
@Sicomp@TSIBFileManager@Remove$qqrxi
@Sicomp@TSIBFileManager@SaveToFile$qqrx17System@AnsiString
@Sicomp@TSIBFileManager@SaveToStream$qqrp15Classes@TStream
@Sicomp@TSIBFileManager@SetFixedLanguages$qqrpx16Classes@TStrings
@Sicomp@TSIBFileManager@SetOwnerNames$qqrix17System@AnsiString
@Sicomp@TSIBFileManager@SetsiComponents$qqripx20Sicomp@TsiCustomLang
@Sicomp@TTestModeInfo@
@Sicomp@TTestModeInfo@$bctr$qqrv
@Sicomp@TextAlignments
@Sicomp@TsiCustomLang@
@Sicomp@TsiCustomLang@$bctr$qqrp18Classes@TComponent
@Sicomp@TsiCustomLang@$bdtr$qqrv
@Sicomp@TsiCustomLang@AddString$qqrx17System@AnsiStringpx17System@AnsiStringxi
@Sicomp@TsiCustomLang@BuildList$qqrv
@Sicomp@TsiCustomLang@BuildStringByOne$qqrx17System@AnsiStringxi
@Sicomp@TsiCustomLang@ChangeDelimOnExtended$qqrucuc
@Sicomp@TsiCustomLang@ChangeDelimOnStrs$qqrucucp16Classes@TStrings
@Sicomp@TsiCustomLang@ChangeLangDelim$qqrucuc
@Sicomp@TsiCustomLang@ChangeLangForExtended$qqrv
@Sicomp@TsiCustomLang@ChangeLanguage$qqrv
@Sicomp@TsiCustomLang@CheckRmdProps$qqrv
@Sicomp@TsiCustomLang@ClearTranslations$qqrv
@Sicomp@TsiCustomLang@ComponentRenamed$qqrx17System@AnsiStringt1
@Sicomp@TsiCustomLang@CreateMessageDialog$qqrx17System@AnsiString19Dialogs@TMsgDlgType47System@%Set$t18Dialogs@TMsgDlgBtn$iuc$0$iuc$10%x18Dialogs@TMsgDlgBtnt4
@Sicomp@TsiCustomLang@CreateStrForTestMode$qqrx17System@AnsiStringxuc
@Sicomp@TsiCustomLang@CreateTestFromString$qqrx17System@AnsiString
@Sicomp@TsiCustomLang@DefineProperties$qqrp14Classes@TFiler
@Sicomp@TsiCustomLang@DelOldNames$qqrp16Classes@TStrings19Sicomp@TStringsType
@Sicomp@TsiCustomLang@DeleteString$qqrx17System@AnsiString
@Sicomp@TsiCustomLang@DoStoreDNT$qqrv
@Sicomp@TsiCustomLang@DoStoreExcluded$qqrv
@Sicomp@TsiCustomLang@DoStoreExtended$qqrv
@Sicomp@TsiCustomLang@DoStoreSmart$qqrv
@Sicomp@TsiCustomLang@ExcludeProperties$qqrv
@Sicomp@TsiCustomLang@FillDialogs$qqrv
@Sicomp@TsiCustomLang@FillNewDialogs$qqrv
@Sicomp@TsiCustomLang@GetIDIndex$qqrx17System@AnsiString
@Sicomp@TsiCustomLang@GetObjByPath$qqrx17System@AnsiString
@Sicomp@TsiCustomLang@GetObjectFontCharset$qqrpx14System@TObject
@Sicomp@TsiCustomLang@GetObjectFontName$qqrpx14System@TObject
@Sicomp@TsiCustomLang@GetObjectStrProperty$qqrpx14System@TObjectx17System@AnsiString
@Sicomp@TsiCustomLang@GetPropListByName$qqr17System@AnsiString
@Sicomp@TsiCustomLang@GetPropListByType$qqr19Sicomp@TStringsType
@Sicomp@TsiCustomLang@GetPropTypeByPath$qqrx17System@AnsiString
@Sicomp@TsiCustomLang@GetPropValueByPath$qqrx17System@AnsiString
@Sicomp@TsiCustomLang@GetStringID$qqrxi
@Sicomp@TsiCustomLang@GetStringValue$qqrpp16Classes@TStrings17System@AnsiStringi
@Sicomp@TsiCustomLang@GetStringValue$qqrpx16Classes@TStrings17System@AnsiStringi
@Sicomp@TsiCustomLang@GetText$qqrx17System@AnsiString
@Sicomp@TsiCustomLang@GetTextC$qqr17System@AnsiString
@Sicomp@TsiCustomLang@GetTextFrom$qqrpx16Classes@TStringsx17System@AnsiStringo
@Sicomp@TsiCustomLang@GetTextFromByIndex$qqrpp16Classes@TStringsio
@Sicomp@TsiCustomLang@GetTextFromByIndex$qqrpx16Classes@TStringsio
@Sicomp@TsiCustomLang@GetTextOrDefault$qqrx17System@AnsiString
@Sicomp@TsiCustomLang@GetTextOrDefaultC$qqr17System@AnsiString
@Sicomp@TsiCustomLang@GetTextOrDefaultW$qqrx17System@AnsiString
@Sicomp@TsiCustomLang@GetTextOrDefined$qqrx17System@AnsiStringxi
@Sicomp@TsiCustomLang@GetTextOrDefinedW$qqrx17System@AnsiStringxi
@Sicomp@TsiCustomLang@GetTextW$qqrx17System@AnsiString
@Sicomp@TsiCustomLang@GetTextbyInt$qqri
@Sicomp@TsiCustomLang@GetTranslateOwner$qqrv
@Sicomp@TsiCustomLang@InputBox$qqrx17System@AnsiStringt1t1xc
@Sicomp@TsiCustomLang@InputQuery$qqrx17System@AnsiStringt1r17System@AnsiStringxc
@Sicomp@TsiCustomLang@IntExtractTranslation$qqrx17System@AnsiStringxucxi
@Sicomp@TsiCustomLang@IntSetStringProp$qqrpx14System@TObjectx17System@AnsiStringt2
@Sicomp@TsiCustomLang@IsHandledTStrings$qqrx17System@AnsiString
@Sicomp@TsiCustomLang@LoadAllFromBinaryFile$qqrx17System@AnsiString
@Sicomp@TsiCustomLang@LoadAllFromBinaryStream$qqrp15Classes@TStream
@Sicomp@TsiCustomLang@LoadAllFromFile$qqrx17System@AnsiStringo
@Sicomp@TsiCustomLang@LoadAllFromFileDNC$qqrx17System@AnsiStringo
@Sicomp@TsiCustomLang@LoadAllFromStream$qqrp15Classes@TStreamo
@Sicomp@TsiCustomLang@LoadExtendedFromFile$qqrx17System@AnsiStringxo
@Sicomp@TsiCustomLang@LoadExtendedFromStream$qqrpx15Classes@TStreamxo
@Sicomp@TsiCustomLang@LoadFromFile$qqr19Sicomp@TStringsTypex17System@AnsiStringo
@Sicomp@TsiCustomLang@LoadFromStream$qqr19Sicomp@TStringsTypep15Classes@TStreamo
@Sicomp@TsiCustomLang@LoadLanguage$qqrx17System@AnsiStringt1
@Sicomp@TsiCustomLang@LoadLanguageByExt$qqrx17System@AnsiStringt1
@Sicomp@TsiCustomLang@LoadLanguageByProp$qqr19Sicomp@TStringsTypex17System@AnsiStringt2
@Sicomp@TsiCustomLang@LoadPropFromBinaryFile$qqr19Sicomp@TStringsTypex17System@AnsiString
@Sicomp@TsiCustomLang@LoadStringsColl$qqrpx27Sicomp@TsiStringsCollectionxi
@Sicomp@TsiCustomLang@LoadStringsFromFile$qqrx17System@AnsiStringo
@Sicomp@TsiCustomLang@Loaded$qqrv
@Sicomp@TsiCustomLang@MakeNotification$qqrp16Classes@TStringsp18Classes@TComponent18Classes@TOperation19Sicomp@TStringsType
@Sicomp@TsiCustomLang@MergeAllFromFile$qqrx17System@AnsiString
@Sicomp@TsiCustomLang@MergeAllFromFileDNC$qqrx17System@AnsiString
@Sicomp@TsiCustomLang@MergeAllFromStream$qqrp15Classes@TStream
@Sicomp@TsiCustomLang@MergeAllFromStreamDNC$qqrp15Classes@TStream
@Sicomp@TsiCustomLang@MergeFromFile$qqrx19Sicomp@TStringsTypex17System@AnsiString
@Sicomp@TsiCustomLang@MergeFromStream$qqrx19Sicomp@TStringsTypepx15Classes@TStream
@Sicomp@TsiCustomLang@MessageDlg$qqrx17System@AnsiString19Dialogs@TMsgDlgType47System@%Set$t18Dialogs@TMsgDlgBtn$iuc$0$iuc$10%ix18Dialogs@TMsgDlgBtnt5
@Sicomp@TsiCustomLang@MessageDlgPos$qqrx17System@AnsiString19Dialogs@TMsgDlgType47System@%Set$t18Dialogs@TMsgDlgBtn$iuc$0$iuc$10%iiix18Dialogs@TMsgDlgBtnt7
@Sicomp@TsiCustomLang@MessageDlgPosHelp$qqrx17System@AnsiString19Dialogs@TMsgDlgType47System@%Set$t18Dialogs@TMsgDlgBtn$iuc$0$iuc$10%iiit1x18Dialogs@TMsgDlgBtnt8
@Sicomp@TsiCustomLang@NormalizeStrings$qqrv
@Sicomp@TsiCustomLang@NotHandledProperty$qqrx17System@AnsiStringt1
@Sicomp@TsiCustomLang@Notification$qqrp18Classes@TComponent18Classes@TOperation
@Sicomp@TsiCustomLang@ObjectHasProperty$qqrpx14System@TObjectx17System@AnsiStringt2x46System@%Set$t17Typinfo@TTypeKind$iuc$0$iuc$17%
@Sicomp@TsiCustomLang@ReBuildDoNotList$qqrv
@Sicomp@TsiCustomLang@ReadOurStrProps$qqrp15Classes@TStream
@Sicomp@TsiCustomLang@RemoveSmartExcl$qqrp16Classes@TStringsx17System@AnsiStringt2x19Sicomp@TStringsType
@Sicomp@TsiCustomLang@ReplaceStringValue$qqrpp16Classes@TStrings17System@AnsiStringt2i
@Sicomp@TsiCustomLang@ReplaceStringValue$qqrpx16Classes@TStrings17System@AnsiStringt2i
@Sicomp@TsiCustomLang@SaveAllToBinaryFile$qqrx17System@AnsiString
@Sicomp@TsiCustomLang@SaveAllToFile$qqrx17System@AnsiStringt1
@Sicomp@TsiCustomLang@SaveAllToStream$qqrp15Classes@TStreamx17System@AnsiString
@Sicomp@TsiCustomLang@SaveExtendedToFile$qqrx17System@AnsiStringt1
@Sicomp@TsiCustomLang@SaveExtendedToStream$qqrpx15Classes@TStreamx17System@AnsiString
@Sicomp@TsiCustomLang@SaveStringsToFile$qqrx17System@AnsiStringt1
@Sicomp@TsiCustomLang@SaveToFile$qqr19Sicomp@TStringsTypex17System@AnsiStringt2
@Sicomp@TsiCustomLang@SaveToStream$qqr19Sicomp@TStringsTypep15Classes@TStreamx17System@AnsiString
@Sicomp@TsiCustomLang@SetActLang$qqri
@Sicomp@TsiCustomLang@SetCaptions$qqrp16Classes@TStrings
@Sicomp@TsiCustomLang@SetChangeLocales$qqrxo
@Sicomp@TsiCustomLang@SetCharSets$qqrp16Classes@TStrings
@Sicomp@TsiCustomLang@SetCollections$qqrp16Classes@TStrings
@Sicomp@TsiCustomLang@SetDefaultLanguage$qqrxi
@Sicomp@TsiCustomLang@SetDlgsCaptions$qqrp16Classes@TStrings
@Sicomp@TsiCustomLang@SetDoNotList$qqrp16Classes@TStrings
@Sicomp@TsiCustomLang@SetExProps$qqrp16Classes@TStrings
@Sicomp@TsiCustomLang@SetExtendedTranslations$qqrpx23Sicomp@TsiExtendedItems
@Sicomp@TsiCustomLang@SetFixedLanguages$qqrp16Classes@TStrings
@Sicomp@TsiCustomLang@SetFonts$qqrp16Classes@TStrings
@Sicomp@TsiCustomLang@SetHandleResourceStrings$qqrxo
@Sicomp@TsiCustomLang@SetHints$qqrp16Classes@TStrings
@Sicomp@TsiCustomLang@SetLabels$qqrp16Classes@TStrings
@Sicomp@TsiCustomLang@SetLangDelim$qqruc
@Sicomp@TsiCustomLang@SetLangDispatcher$qqrpx24Sicomp@TsiLangDispatcher
@Sicomp@TsiCustomLang@SetLangNames$qqrpx16Classes@TStrings
@Sicomp@TsiCustomLang@SetLanguage$qqrx17System@AnsiString
@Sicomp@TsiCustomLang@SetMultiLines$qqrp16Classes@TStrings
@Sicomp@TsiCustomLang@SetNeedAllDlgs$qqrxo
@Sicomp@TsiCustomLang@SetNumLang$qqri
@Sicomp@TsiCustomLang@SetObjectStrProperty$qqrpx14System@TObjectx17System@AnsiStringt2
@Sicomp@TsiCustomLang@SetOptions$qqrx48System@%Set$t20Sicomp@TsiLangOption$iuc$0$iuc$1%
@Sicomp@TsiCustomLang@SetOthers$qqrp16Classes@TStrings
@Sicomp@TsiCustomLang@SetPropValueByPath$qqrx17System@AnsiStringt1
@Sicomp@TsiCustomLang@SetResourceLanguageIndex$qqrxus
@Sicomp@TsiCustomLang@SetSmartProps$qqrp16Classes@TStrings
@Sicomp@TsiCustomLang@SetStrings$qqrp16Classes@TStrings
@Sicomp@TsiCustomLang@SetStringsTypes$qqrp16Classes@TStrings
@Sicomp@TsiCustomLang@SetSystem$qqrp16Classes@TStrings
@Sicomp@TsiCustomLang@SetUseDefaultLanguage$qqrxo
@Sicomp@TsiCustomLang@SetVersion$qqrx17System@AnsiString
@Sicomp@TsiCustomLang@ShowMessage$qqrx17System@AnsiString
@Sicomp@TsiCustomLang@ShowMessageFmt$qqrx17System@AnsiStringpx14System@TVarRecxi
@Sicomp@TsiCustomLang@ShowMessagePos$qqrx17System@AnsiStringii
@Sicomp@TsiCustomLang@UpdateCurrentCharset$qqrv
@Sicomp@TsiCustomLang@UpdateExtended$qqrv
@Sicomp@TsiCustomLang@UpdateStrCollections$qqrv
@Sicomp@TsiCustomLang@WriteOurStrProps$qqrp15Classes@TStream
@Sicomp@TsiCustomLang@siGetStrprop$qqrpx14System@TObjectpx17Typinfo@TPropInfo
@Sicomp@TsiCustomLang@siSetStrProp$qqrpx14System@TObjectpx17Typinfo@TPropInfox17System@AnsiString
@Sicomp@TsiExtendedItem@
@Sicomp@TsiExtendedItem@$bctr$qqrp19Classes@TCollection
@Sicomp@TsiExtendedItem@AssignTo$qqrp19Classes@TPersistent
@Sicomp@TsiExtendedItem@DefineProperties$qqrp14Classes@TFiler
@Sicomp@TsiExtendedItem@GetDisplayName$qqrv
@Sicomp@TsiExtendedItem@GetIdentifier$qqrv
@Sicomp@TsiExtendedItem@GetIsRoot$qqrv
@Sicomp@TsiExtendedItem@ReadValues$qqrp15Classes@TStream
@Sicomp@TsiExtendedItem@SetIdentifier$qqrx17System@AnsiString
@Sicomp@TsiExtendedItem@SetPropertyType$qqrx17Typinfo@TTypeKind
@Sicomp@TsiExtendedItem@SetRelComponent$qqrpx18Classes@TComponent
@Sicomp@TsiExtendedItem@SetValues$qqrx17System@AnsiString
@Sicomp@TsiExtendedItem@WriteValues$qqrp15Classes@TStream
@Sicomp@TsiExtendedItems@
@Sicomp@TsiExtendedItems@$bctr$qqrp17System@TMetaClassp18Classes@TComponent
@Sicomp@TsiExtendedItems@Add$qqrv
@Sicomp@TsiExtendedItems@Find$qqrx17System@AnsiString
@Sicomp@TsiExtendedItems@GetItems$qqri
@Sicomp@TsiExtendedItems@GetOwner$qqrv
@Sicomp@TsiExtendedItems@SetItems$qqripx22Sicomp@TsiExtendedItem
@Sicomp@TsiFormStorage@
@Sicomp@TsiFormStorage@$bctr$qqrp18Classes@TComponent
@Sicomp@TsiFormStorage@$bdtr$qqrv
@Sicomp@TsiFormStorage@FormDestroing$qqrp14System@TObject
@Sicomp@TsiFormStorage@GetForm$qqrv
@Sicomp@TsiFormStorage@Loaded$qqrv
@Sicomp@TsiFormStorage@ReadSettings$qqrv
@Sicomp@TsiFormStorage@SetMyActive$qqro
@Sicomp@TsiFormStorage@SetRegRootKey$qqr18Sicomp@TMyHKeyType
@Sicomp@TsiFormStorage@SetSubKey$qqr17System@AnsiString
@Sicomp@TsiLabel@
@Sicomp@TsiLabel@$bctr$qqrp18Classes@TComponent
@Sicomp@TsiLabel@$bdtr$qqrv
@Sicomp@TsiLabel@Draw3DText$qqrrx11Types@TRectus
@Sicomp@TsiLabel@Paint$qqrv
@Sicomp@TsiLabel@SetShadowColor$qqr15Graphics@TColor
@Sicomp@TsiLabel@SetShadowDepth$qqri
@Sicomp@TsiLabel@SetShadowUp$qqro
@Sicomp@TsiLabel@SetTextStyle$qqr17Sicomp@TTextStyle
@Sicomp@TsiLabel@SetThreeDColor$qqr15Graphics@TColor
@Sicomp@TsiLabel@SetThreeDLeft$qqro
@Sicomp@TsiLabel@SetWidthDepth$qqri
@Sicomp@TsiLang@
@Sicomp@TsiLangDispatcher@
@Sicomp@TsiLangDispatcher@$bctr$qqrp18Classes@TComponent
@Sicomp@TsiLangDispatcher@$bdtr$qqrv
@Sicomp@TsiLangDispatcher@AddReference$qqrp20Sicomp@TsiCustomLang
@Sicomp@TsiLangDispatcher@GetSiLangs$qqri
@Sicomp@TsiLangDispatcher@GetSiLangsCount$qqrv
@Sicomp@TsiLangDispatcher@LoadAllFromFile$qqr17System@AnsiString
@Sicomp@TsiLangDispatcher@LoadAllFromStream$qqrp15Classes@TStream
@Sicomp@TsiLangDispatcher@Loaded$qqrv
@Sicomp@TsiLangDispatcher@Notification$qqrp18Classes@TComponent18Classes@TOperation
@Sicomp@TsiLangDispatcher@RemovePossibleReference$qqrp20Sicomp@TsiCustomLang
@Sicomp@TsiLangDispatcher@SaveAllToBinaryFile$qqrx17System@AnsiString
@Sicomp@TsiLangDispatcher@SaveAllToFile$qqrx17System@AnsiStringt1
@Sicomp@TsiLangDispatcher@SetActiveLanguage$qqrxi
@Sicomp@TsiLangDispatcher@SetDefaultLanguage$qqrxi
@Sicomp@TsiLangDispatcher@SetFileName$qqrx17System@AnsiString
@Sicomp@TsiLangDispatcher@SetLangNames$qqrpx16Classes@TStrings
@Sicomp@TsiLangDispatcher@SetLanguage$qqrx17System@AnsiString
@Sicomp@TsiLangDispatcher@SetNumOfLanguages$qqrxi
@Sicomp@TsiLangDispatcher@SetOnLinkToDispatcher$qqrxynpqqrp14System@TObjectp20Sicomp@TsiCustomLang$v
@Sicomp@TsiLangDispatcher@SetUseDefaultLanguage$qqrxo
@Sicomp@TsiPropInfoList@
@Sicomp@TsiPropInfoList@$bctr$qqrp14System@TObject46System@%Set$t17Typinfo@TTypeKind$iuc$0$iuc$17%
@Sicomp@TsiPropInfoList@$bdtr$qqrv
@Sicomp@TsiPropInfoList@Contains$qqrp17Typinfo@TPropInfo
@Sicomp@TsiPropInfoList@Delete$qqri
@Sicomp@TsiPropInfoList@Find$qqrx17System@AnsiString
@Sicomp@TsiPropInfoList@Get$qqri
@Sicomp@TsiPropInfoList@Intersect$qqrp22Sicomp@TsiPropInfoList
@Sicomp@TsiSortCollection@
@Sicomp@TsiSortCollection@QuickSort$qqriiynpqqrp23Classes@TCollectionItemt1$i
@Sicomp@TsiSortCollection@Sort$qqrynpqqrp23Classes@TCollectionItemt1$i
@Sicomp@TsiStringsCollection@
@Sicomp@TsiStringsCollection@$bctr$qqrp17System@TMetaClassp18Classes@TComponent
@Sicomp@TsiStringsCollection@Add$qqrv
@Sicomp@TsiStringsCollection@GetIDIndex$qqrx17System@AnsiString
@Sicomp@TsiStringsCollection@GetItems$qqri
@Sicomp@TsiStringsCollection@GetOwner$qqrv
@Sicomp@TsiStringsCollection@GetTranslationByID$qqrx17System@AnsiStringxi
@Sicomp@TsiStringsCollection@GetTranslationByLang$qqrx17System@AnsiStringxi
@Sicomp@TsiStringsCollection@GetTranslationByLang2$qqrx17System@AnsiStringxi
@Sicomp@TsiStringsCollection@SetItems$qqripx31Sicomp@TsiStringsCollectionItem
@Sicomp@TsiStringsCollection@Sort$qqrv
@Sicomp@TsiStringsCollection@SortByID$qqrp23Classes@TCollectionItemt1
@Sicomp@TsiStringsCollection@SortByLang$qqrp23Classes@TCollectionItemt1
@Sicomp@TsiStringsCollectionItem@
@Sicomp@TsiStringsCollectionItem@$bctr$qqrp19Classes@TCollection
@Sicomp@TsiStringsCollectionItem@$bdtr$qqrv
@Sicomp@TsiStringsCollectionItem@SetValues$qqrpx16Classes@TStrings
@Sicomp@WideStringToAnsiStringCP$qqrx17System@WideStringxuc
@Sicomp@XorString$qqrx17System@AnsiStringt1
@Sicomp@_SStringNotFound
@Sicomp@_SUnableToFindClass
@Sicomp@initialization$qqrv
@Sicomp@siExpandStringByChars$qqrx17System@AnsiStringxdc
@Sicomp@siFlipCase$qqrx17System@AnsiString
@Sicomp@siGetObjectProp$qqrp14System@TObjectp17Typinfo@TPropInfo
@Sicomp@siIsBinaryFile$qqrx17System@AnsiString
@Sicomp@siMatchFmtStrings$qqrx17System@AnsiStringt1
@Sicomp@siRemoveLanguage$qqrpx20Sicomp@TsiCustomLangxi
@Sicomp@siSetObjectProp$qqrp14System@TObjectp17Typinfo@TPropInfot1
@Sicomp@tkIntegers
@Sicomp@tkStrings
@System@TObject@ClassName$qqrv
EXECryptor_AntiDebug
EXECryptor_DecodeSerialNumber
EXECryptor_DecodeSerialNumberW
EXECryptor_DecryptStr
EXECryptor_DecryptStrW
EXECryptor_EncryptStr
EXECryptor_EncryptStrW
EXECryptor_GetDate
EXECryptor_GetEXECryptorVersion
EXECryptor_GetHardwareID
EXECryptor_GetProcAddr
EXECryptor_GetReleaseDate
EXECryptor_GetTrialDaysLeft
EXECryptor_GetTrialRunsLeft
EXECryptor_IsAppProtected
EXECryptor_IsRegistered
EXECryptor_MessageBoxA
EXECryptor_ProtectImport
EXECryptor_RegConst_0
EXECryptor_RegConst_1
EXECryptor_RegConst_2
EXECryptor_RegConst_3
EXECryptor_RegConst_4
EXECryptor_RegConst_5
EXECryptor_RegConst_6
EXECryptor_RegConst_7
EXECryptor_SecureRead
EXECryptor_SecureReadW
EXECryptor_SecureWrite
EXECryptor_SecureWriteW
EXECryptor_VerifySerialNumber
EXECryptor_VerifySerialNumberW
_FormInfo
_FormMain
_LangDataModule
__GetExceptDLLinfo
___CPPdebugHook

Sections

.text
Size: 430KB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 28KB - Virtual size: 220KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.didata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 27KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 119KB - Virtual size: 404KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 35KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
asd.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

UPX0
Size: - Virtual size: 228KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 109KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 26KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Exports

Exports

Sections

.text Size: 430KB - Virtual size: 1.2MB

.data Size: 28KB - Virtual size: 220KB

.tls Size: 512B - Virtual size: 4KB

.rdata Size: 512B - Virtual size: 4KB

.idata Size: 4KB - Virtual size: 12KB

.didata Size: 512B - Virtual size: 4KB

.edata Size: 27KB - Virtual size: 28KB

.rsrc Size: 119KB - Virtual size: 404KB

.reloc Size: - Virtual size: 64KB

.aspack Size: 35KB - Virtual size: 36KB

.adata Size: - Virtual size: 4KB

Headers

File Characteristics

Sections

UPX0 Size: - Virtual size: 228KB

UPX1 Size: 109KB - Virtual size: 112KB

.rsrc Size: 26KB - Virtual size: 28KB

.text
Size: 430KB - Virtual size: 1.2MB

.data
Size: 28KB - Virtual size: 220KB

.tls
Size: 512B - Virtual size: 4KB

.rdata
Size: 512B - Virtual size: 4KB

.idata
Size: 4KB - Virtual size: 12KB

.didata
Size: 512B - Virtual size: 4KB

.edata
Size: 27KB - Virtual size: 28KB

.rsrc
Size: 119KB - Virtual size: 404KB

.reloc
Size: - Virtual size: 64KB

.aspack
Size: 35KB - Virtual size: 36KB

.adata
Size: - Virtual size: 4KB

UPX0
Size: - Virtual size: 228KB

UPX1
Size: 109KB - Virtual size: 112KB

.rsrc
Size: 26KB - Virtual size: 28KB